InfoSec Handlers Diary Blog

On a day like this it's not such a big effort to ponder about the
different mentality and ethics people have. Don't worry,
I won't go away from the information security scene.

Ethics

Crackers

I generally call people breaking into systems crackers, not hackers.

Why do they do it? Because they can.

Do they know they cause a lot of work? Yes:
they will often try to minimize the work by leaving the original content
in a backup copy.

In their ethical view it's right, all you need
to do as a defender is
fix the bug and reinstall the backup over their defacement.
Unfortunately
this is only true is you know 100% sure the cracker didn't do anything else,
otherwise it takes a lot more work.

Spammers

People sending unsolicited bulk email are what I call spammers.
They have noticed honeypots and don't seem to like them
very much. But their view on the ethics is very strange indeed.

Many people are quite irritated about unsolicited bulk email, many places
have laws against it.

But still the "bulkers" as they call themselves
sell tools to be more anonymous, and as a new catch form one of our
readers, to avoid honeypots.

They label honeypots as framing them.
Perhaps that's true, but if you don't steal resources, while trying
to get away with it in the first place, the honeypots woudn't get
found in the first place.

And if reporting them to their ISP does hurt them it's only because
they violated an AUP.

Programmers

I'm not a developer anymore for many years, but when I do program that odd
script the way I look
at software is quite different from the way I see developers look at software.